Since 10/100 ports can run at either 10 or 100 Mbps, they ease desktop migration from older, 10-Mbps connections to newer, 100-Mbps connections. Also, any desktop that comes with a 100-Mbps card can run at 10 Mbps too. And if you still have 10-Mbps switches, the 100-Mbps desktops will work--just not at 100 Mbps.
All 100-Mbps interfaces autonegotiate the fastest available connection on both ends. Autonegotiation also negotiates between full and half duplex. Some combinations of vendor NICs and switches autonegotiate better than others, however, so if you're planning a big upgrade or installation, test the interactions among your PCs and switches. Certain vendor NIC and/or port combinations actually cause big connectivity problems, requiring extra time for manual configurations. Usually, though, it's best to use autonegotiation whenever possible because it minimizes initial installation time and avoids operator error.
When designing a switched network, keep it simple--you will be troubleshooting it down the road. Most of the switches listed in our Interactive Buyer's Guide charts support VLANs (virtual LANs), but we suggest you steer clear of VLANs since they add a layer of complexity in the wiring closet. For example, if a switch goes down, you can't simply pop another one in and ensure the same VLANs are configured. You could have serious problems reconstructing them if you haven't documented the information, don't keep the updated configurations on a TFTP server or don't use configuration management software. Management software that lets you track configurations is best if you have many switches with VLANs. If you're unsure if you need a VLAN, you probably don't. Consider purchasing additional switches and separating your networks among them as much as possible. This will add some up-front costs, but it will save on maintenance fees later.
Most of the switches you'll find listed in the Interactive Buyer's Guide charts are standalone or stackable. Only Nortel Networks responded to our survey with a chassis-based switch, the Passport 8100. Chassis-based systems have a frame, with slots that let you slide in cards that contain the ports. Although most of us can't justify the high price per port and high port density of a chassis-based solution, it would simplify the design in a high-density situation.
Imagine running out of ports using standalone switches. One solution is to buy another switch to aggregate all the switches. This works well if you can reach a number of wiring closets from one location, creating a building backbone and making good use of all the ports on the aggregator switch.
Another option is to daisy chain the switches together using extra-high-speed uplink ports. Troubleshooting this solution is more difficult, though, and your network-management software may not map it correctly. Also, when replacing a switch in the daisy-chain, service to the switches behind it will be disrupted.
Stackable switches are a good compromise between chassis and standalone models. Stackables provide an external backplane that connects all the switches as if they were one. You can usually manage a stack with one IP address, providing an accurate view of the configuration via SNMP. The stacked connection in many switches isn't faster than using a gigabit uplink port, but Enterasys Networks' Vertical Horizon VH-2402S provides a 4-Gb stacked connection.
If the initial cost of a chassis-based switch hasn't convinced you to avoid them, maybe "sparing" will. Standalone or stackable spares are far less expensive. To use sparing to your benefit, try to standardize on as few models as possible and make sure the spare can replace any of them. For example, one 48-port switch can be used as a spare for a 24- or 48-port switch. Of course, this assumes you're standardizing on products from one vendor. While most switch features are standards-based and, thus, interoperable, it's easier to deal with one vendor should problems arise.
Most switches support remote management via Telnet, SNMP or a Web browser. All these are handy, but make sure to configure hard-to-guess passwords. Many switches come with well-known default vendor passwords; someone could access your switch from the Internet and reconfigure it. If you're concerned about security at the port level, consider the switches that provide IEEE 802.1x support, such as the Nortel Baystack and Business Policy switches. IEEE 802.1x forces any device that plugs into a port on the switch to authenticate to a RADIUS server before it's granted access to the network. Although 802.1x is often seen as an answer to some security problems associated with 802.11b wireless LANs, it was originally designed for wired Ethernet. One caveat: The OS must also support 802.1x. Then again, if you're looking for an excuse to upgrade to Microsoft Windows XP, today's your lucky day: XP comes with 802.1x support.
Peter Morrissey is a full-time faculty member of Syracuse University's School of Information Studies and a contributing editor and columnist for Network Computing. Send your comments on this column to him at ppmorris@syr.edu.
The New Inline Power Standard
If you're installing IP phones, wireless access points or video-over-IP surveillance cameras, you face a serious problem: power--or the lack of it. Sure, you already have power in your office for phones, but what if the power goes out? And with access points and video cameras, you'll need an electrician to run both power and network cables to the location.
The IEEE 802.3af standard solves this problem by sending power to the device via the Ethernet cable from a switched port or a midspan device. The standard helps backups work more efficiently as well. It's a lot easier to back up wiring closet components with a UPS than to add a UPS to each individual device.
Centralized power distribution for phones isn't a new concept. Most corporate and residential phones receive power through the same cable that provides the carrier service. Digital phones attached to PBXs are powered by tapping a pair of twisted-pair wires in the cable into a 48-volt power distribution in the wiring closet, which then feeds the phone on the other end. The 802.3af standard provides for the distribution of power using either the data pairs (wires 1-2 and 3-5) or the unused pairs (4-5 and 7-8). Switches, referred to as end-span devices, use the data pairs, while midspan devices use the unused pairs. The devices that receive the power, known as powered devices, should accept power from either.
The 802.3af standard is on track to be ratified by the end of 2002. It's designed so that if a device not made for inline power is plugged into a connection with this capability, the device won't receive extra voltage. 802.3af is designed to run over Category 5 cable. If you already own a switch without inline power, you can use a midspan device to provide power over an Ethernet connection. PowerDsine (www.powerdsine.com) makes midspan devices and has been involved with IEEE 802.3af from the standard's beginning.
What's In a Layer?
When we asked vendors for Layer 2 switch products for our Interactive Buyer's Guide charts, many of the submissions they sent us also have some useful features at Layer 3 and above.
We have to be careful with the terminology: Layer 3 can imply routing. In fact, many routers are now called "Layer 3 switches."
Because these switches typically reside in wiring closets, we're not concerned with routing. But there are advantages to having a switch that is at least aware of what is happening in a packet at Layer 3 and above. For example, most of the switches support QoS based on IP precedence and DiffServ, both of which are mapped in the IP layer. So even though most of the switches also support a Layer 2 QoS scheme (802.1p), the Layer 2 scheme often gets lost when it traverses a router; Layer 3 QoS remains.
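The loss of the Layer 2 marking at a router, shown as an added Python example that is not part of the original article: it builds an 802.1Q-tagged frame and passes it through a simplified router hop, assumed here to forward onto an untagged port without re-marking. The MAC and IP addresses, the 802.1p priority of 5 and the DiffServ code point of 46 are constructed sample values.

```python
import struct

TPID_8021Q = 0x8100      # EtherType value that announces an 802.1Q tag
ETHERTYPE_IPV4 = 0x0800

def ipv4_checksum(header: bytes) -> int:
    """Ones'-complement sum over the header's 16-bit words."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_ipv4(dscp: int, ttl: int, payload: bytes) -> bytes:
    """20-byte IPv4 header (no options, protocol 17) with constructed addresses."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, dscp << 2, 20 + len(payload), 0, 0,
                      ttl, 17, 0, bytes([10, 0, 1, 5]), bytes([10, 0, 2, 9]))
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:] + payload

def build_frame(dst: bytes, src: bytes, packet: bytes, pcp=None, vlan=0) -> bytes:
    """Ethernet II frame; an 802.1Q tag is inserted only when pcp is given."""
    tag = b"" if pcp is None else struct.pack("!HH", TPID_8021Q, (pcp << 13) | vlan)
    return dst + src + tag + struct.pack("!H", ETHERTYPE_IPV4) + packet

def parse_qos(frame: bytes):
    """Return (pcp, dscp); pcp is None when the frame carries no 802.1Q tag."""
    pcp, offset = None, 12
    (ethertype,) = struct.unpack_from("!H", frame, offset)
    if ethertype == TPID_8021Q:
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        pcp, offset = tci >> 13, offset + 4      # 802.1p priority = top 3 bits
        (ethertype,) = struct.unpack_from("!H", frame, offset)
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("not an IPv4 frame")
    return pcp, frame[offset + 3] >> 2           # DSCP = top 6 bits of the ToS byte

def route(frame: bytes, out_src: bytes, out_dst: bytes) -> bytes:
    """Simplified hop: drop the L2 header, decrement TTL, re-encapsulate untagged."""
    tagged = struct.unpack_from("!H", frame, 12)[0] == TPID_8021Q
    packet = bytearray(frame[18 if tagged else 14:])
    packet[8] -= 1                               # TTL
    packet[10:12] = b"\x00\x00"                  # zero the checksum, then recompute
    packet[10:12] = struct.pack("!H", ipv4_checksum(bytes(packet[:20])))
    return build_frame(out_dst, out_src, bytes(packet))

# Constructed sample: locally administered MACs, VLAN 10, priority 5, DSCP 46.
HOST, GW_IN, GW_OUT, SERVER = (bytes.fromhex(m) for m in (
    "020000000001", "020000000002", "020000000003", "020000000004"))
VOICE = build_frame(GW_IN, HOST, build_ipv4(46, 64, b"rtp"), pcp=5, vlan=10)

if __name__ == "__main__":
    print("before router:", parse_qos(VOICE))
    print("after router: ", parse_qos(route(VOICE, GW_OUT, SERVER)))
```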
Another beneficial higher-layer feature is multicast support. If you use multicast to deliver video streams, these streams are treated as a type of broadcast, and switches send out broadcasts on every port by default, defeating the purpose of multicast. A switch with multicast support will confine the stream to the computer requesting it. Some switches also allow you to tighten security by limiting access on different ports by IP address or protocol.